<?php
// +----------------------------------------------------------------------
// | ThinkCMF [ WE CAN DO IT MORE SIMPLE ]
// +----------------------------------------------------------------------
// | Copyright (c) 2013-2014 http://www.thinkcmf.com All rights reserved.
// +----------------------------------------------------------------------
// | Author: Tuolaji <479923197@qq.com>
// +----------------------------------------------------------------------
/**
 */
namespace Admin\Controller;
use Common\Controller\AdminbaseController;
class PublicController extends AdminbaseController {

    public function _initialize() {
        C(S('sp_dynamic_config'));//加载动态配置
    }
    
    //后台登陆界面
    public function login() {
        $admin_id=session('ADMIN_ID');
    	if(!empty($admin_id)){//已经登录
    		redirect(U("admin/index/index"));
    	}else{
    	    $site_admin_url_password =C("SP_SITE_ADMIN_URL_PASSWORD");
    	    $upw=session("__SP_UPW__");
    		if(!empty($site_admin_url_password) && $upw!=$site_admin_url_password){
    			redirect(__ROOT__."/");
    		}else{
    		    session("__SP_ADMIN_LOGIN_PAGE_SHOWED_SUCCESS__",true);
    			$this->display(":login");
    		}
    	}
    }
    
    public function logout(){
    	session('ADMIN_ID',null); 
    	session('user_name',null);
    	redirect(__ROOT__."/index.php?m=admin&c=Index&a=index");
    }
    
    public function dologin(){
        $login_page_showed_success=session("__SP_ADMIN_LOGIN_PAGE_SHOWED_SUCCESS__");
        if(!$login_page_showed_success){
            $this->error('login error!');
        }
    	$name = I("post.username");
    	if(empty($name)){
    		$this->error(L('USERNAME_OR_EMAIL_EMPTY'));
    	}
    	$pass = I("post.password");
    	if(empty($pass)){
    		$this->error(L('PASSWORD_REQUIRED'));
    	}
    	$verrify = I("post.verify");
    	if(empty($verrify)){
    		$this->error(L('CAPTCHA_REQUIRED'));
    	}
    	//验证码
    	if(!sp_check_verify_code()){
    		$this->error(L('CAPTCHA_NOT_RIGHT'));
    	}else{
    		$user = D("Member");
    		if(strpos($name,"@")>0){//邮箱登陆
    			$where['email']=$name;
    		}else{
    			$where['user_name']=$name;
    		}
    		
    		$result = $user->where($where)->find();
    		if(!empty($result) && $result['user_type']==1){
    			if(sp_compare_password($pass,$result['password'])){
    				
    				$role_user_model=M("RoleUser");
    				
    				$role_user_join = C('DB_PREFIX').'role as b on a.role_id =b.id';
    				
    				$groups=$role_user_model->alias("a")->join($role_user_join)->where(array("user_id"=>$result["user_id"],"status"=>1))->getField("role_id",true);
    				if( $result["user_id"]!=2 && $result["user_id"]!=1 && ( empty($groups) || empty($result['user_status']) ) ){
    					$this->error(L('该用户没有权限！'));
    				}
    				//登入成功页面跳转
    				session('ADMIN_ID',$result["user_id"]);
    				session('user_name',$result["user_name"]);
                    $save['last_ip']=get_client_ip(0,true);
                    $save['last_login']=time();
                    $user->save($save);
    				cookie("admin_username",$name,3600*24*30);
    				$this->success(L('LOGIN_SUCCESS'),U("Index/index"));
    			}else{
    				$this->error(L('PASSWORD_NOT_RIGHT'));
    			}
    		}
            $promoters = D("Promoters");
            $filter = '';
            $filter['phone_mob']=$name;
            $fruit = $promoters->where($filter)->find();
            if(!empty($fruit)) {
                if ($pass == $fruit['phone_mob']) {

                    $role_user_model=M("RoleUser");

                    $groups=$role_user_model->where(array("user_id"=>$fruit["user_id"],"status"=>1))->find();
                    if($groups['role_id'] != 3 ){
                        $this->error(L('该用户没有权限！'));
                    }
                    //登入成功页面跳转
                    session('ADMIN_ID',$fruit["user_id"]);
                    session('user_name',$fruit["user_name"]);
                    cookie("admin_username",$name,3600*24*30);
                    $this->success(L('LOGIN_SUCCESS'),U("index/index"));
                }else{
                    $this->error(L('PASSWORD_NOT_RIGHT'));
                }
            }
    		$this->error(L('USERNAME_NOT_EXIST'));
    	}
    }

}